Serious Phar Flaw Allows Arbitrary Code Execution on Drupal
2019-05-09T16:00:22
ID THREATPOST:CFCC772FE78B52485C3DA211A9342202 Type threatpost Reporter Lindsey O'Donnell Modified 2019-05-09T16:00:22
Description
Multiple content management systems – including Drupal, Joomla and Typo3 – are open to a vulnerability that can lead to arbitrary code execution on some systems.
The flaw (CVE-2019-11831) exists in the phar stream wrapper component used in PHP-driven projects. A Phar archive is used to distribute a complete PHP application or library in a single file; the phar stream wrapper is an open-source component made available by Typo3, which allows users to check that the file is a valid Phar file, loaded from a specific directory, with the correct file extension.
However, researcher Daniel le Gall discovered that the feature protecting the phar stream wrapper against insecure deserialization can be bypassed on Drupal (insecure deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application).
Typo3 and Joomla also contain third-party libraries and projects based on PHP’s built-in phar stream wrapper; but the impact of the bug on each varies by platform, the researcher said.
“The vulnerability allows [attackers] to deserialize arbitrary PHP objects, which makes it a vulnerability very dependent on the context in which it is exploited,” le Gall told Threatpost via direct message. “As a result, the operation will be different from one project to another. On some projects, this could allow arbitrary code to be executed, if some interesting classes allow it. This is clearly the case for Drupal, since my initial report indicates a method to execute arbitrary code on their server with a user who can administer the themes.”
If exploited, an attacker could bypass the protection provided for the phar stream wrapper and eventually launch arbitrary code execution attacks, according to le Gall in a tweet.
> I found a vulnerability on a Typo3 library, that impacts Typo3, Drupal and Joomla. The impact should vary between Medium to High and can lead to RCE on some systems. Patch your things everyone! <https://t.co/2fdyaPnyTw> <https://t.co/EO6PHxj2kp> <https://t.co/hlRMmj5nav>
>
> — Blaklis (@Blaklis_) May 9, 2019
Typo3 for its part said that versions 2.0 to 2.1 and 3.0 to 3.1 of the stream wrapper package are impacted; users can update to versions 2.1.1 for PHP 5.3 and later, or 3.1.1 for PHP 7.0 and later.
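An added example, not from the article or from Typo3: a check of a Composer lock file against the version ranges given above. The Composer package name `typo3/phar-stream-wrapper`, the reading of "2.0 to 2.1" as every release from 2.0.0 up to but excluding 2.1.1 (likewise 3.0.0 up to 3.1.1), and the sample lock file are assumptions.

```python
import json
import re

# Composer name of the stream wrapper package (assumption: the article
# does not spell it out).
PACKAGE = "typo3/phar-stream-wrapper"

# (first affected, first fixed) per release line, as read from the article:
# 2.0 to 2.1 fixed in 2.1.1, and 3.0 to 3.1 fixed in 3.1.1.
AFFECTED = [
    ((2, 0, 0), (2, 1, 1)),
    ((3, 0, 0), (3, 1, 1)),
]


def parse_version(text):
    """Turn 'v2.1.0' or '3.1' into a (major, minor, patch) tuple.

    Returns None for anything that is not a plain release number,
    for example a branch alias such as 'dev-master'.
    """
    match = re.match(r"^v?(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not match:
        return None
    return tuple(int(part) if part else 0 for part in match.groups())


def classify(version_text):
    """Return 'affected', 'not_listed' or 'unknown' for one version string."""
    version = parse_version(version_text)
    if version is None:
        # Branch aliases cannot be compared; they need a manual look.
        return "unknown"
    for first_affected, first_fixed in AFFECTED:
        if first_affected <= version < first_fixed:
            return "affected"
    return "not_listed"


def audit_lock(lock_text):
    """Scan composer.lock content and report every copy of the package.

    Returns a list of (section, version, status) tuples. Both the
    'packages' and 'packages-dev' sections are checked, because a dev
    dependency is still installed on build and staging hosts.
    """
    lock = json.loads(lock_text)
    findings = []
    for section in ("packages", "packages-dev"):
        for package in lock.get(section) or []:
            if package.get("name", "").lower() == PACKAGE:
                version = package.get("version", "")
                findings.append((section, version, classify(version)))
    return findings


# Constructed sample lock file, reduced to the fields the audit reads.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "example/site-core", "version": "1.4.2"},
        {"name": "typo3/phar-stream-wrapper", "version": "v2.1.0"},
    ],
    "packages-dev": [],
})

if __name__ == "__main__":
    for section, version, status in audit_lock(SAMPLE_LOCK):
        print(f"{PACKAGE} {version} in {section}: {status}")
```

A status of `unknown` means the lock file pins a branch rather than a release, so the installed commit has to be compared with the fixed releases by hand.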
“In order to intercept file invocations like file_exists or stat on compromised Phar archives, the base name has to be determined and checked before allowing to be handled by PHP Phar stream handling,” according to a Wednesday Typo3 advisory. “The current implementation is vulnerable to path traversal, leading to scenarios where the Phar archive to be assessed is not the actual (compromised) file.”
Meanwhile, Joomla versions 3.9.3 through 3.9.5 are impacted; users should upgrade to version 3.9.6. Joomla said it addressed the vulnerability by removing the known attack vector in the Joomla core, according to its advisory. Joomla rated the vulnerability as low in severity.
For Drupal, the vulnerability was rated “moderately critical” as it is used in several Drupal versions, including Drupal 8.7 or earlier and Drupal 7.
Le Gall told Threatpost that he initially reported the vulnerability to Drupal’s security team through the European Commission’s bug bounty program. The flaw was discovered and reported on Feb. 22 to Drupal’s security team, which subsequently notified Joomla and Typo3.
“Currently, I can confirm that this component is present by default in the Drupal core,” le Gall told Threatpost. “For Joomla and Typo3, I don’t have a precise answer. Their teams did their investigations on their side, and I didn’t really look at how this flaw was exploitable on it, nor how this component was integrated.”
a\npath traversal vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the instance of Drupal running\non the remote web server is 7.0.x prior to 7.67, 8.7.x prior to\n8.6.16, or 8.7.x prior to 8.7.1. It is, therefore, affected by a\npath traversal vulnerability. This security release fixes\nthird-party dependencies included in or required by Drupal core.\nAs described in TYPO3-PSA-2019-007: By-passing protection of Phar Stream\nWrapper Interceptor: In order to intercept file invocations like\nfile_exists or stat on compromised Phar archives the base name\nhas to be determined and checked before allowing to be handled by\nPHP Phar stream handling. The current implementation is vulnerable\nto path traversal leading to scenarios where the Phar archive to be\nassessed is not the actual (compromised) file. (SA-CORE-2019-007)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/sa-core-2019-007\");\n script_set_attribute(attribute:\"see_also\", value:\"https://typo3.org/security/advisory/typo3-psa-2019-007/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/7.67\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.6.16\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.7.1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Drupal version 7.67 / 8.6.16 / 8.7.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11831\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/08\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:drupal:drupal\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"drupal_detect.nasl\");\n script_require_keys(\"installed_sw/Drupal\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"http.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:80, php:TRUE);\n\napp_info = vcf::get_app_info(app:\"Drupal\", port:port, webapp:TRUE);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { \"min_version\" : \"7.0\", \"fixed_version\" : \"7.67\" },\n { \"min_version\" : \"8.6\", \"fixed_version\" : \"8.6.16\" },\n { \"min_version\" : \"8.7\", \"fixed_version\" : \"8.7.1\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-24T22:11:19", "description": "Drupal Security Team reports :\n\nCVE-2019-11831: By-passing protection of Phar Stream Wrapper Interceptor.\n\nIn order to intercept file invocations like file_exists or stat on compromised Phar 
archives the base name has to be determined and checked before allowing to be handled by PHP Phar stream handling. The current implementation is vulnerable to path traversal leading to scenarios where the Phar archive to be assessed is not the actual (compromised) file.", "cvss3": {}, "published": "2019-06-10T00:00:00", "type": "nessus", "title": "FreeBSD : drupal -- Drupal core - Moderately critical (9b8a52fc-89c1-11e9-9ba0-4c72b94353b5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11831"], "modified": "2019-07-22T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:drupal7", "p-cpe:/a:freebsd:freebsd:drupal8", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_9B8A52FC89C111E99BA04C72B94353B5.NASL", "href": "https://www.tenable.com/plugins/nessus/125791", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125791);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/07/22 10:22:12\");\n\n script_name(english:\"FreeBSD : drupal -- Drupal core - Moderately critical (9b8a52fc-89c1-11e9-9ba0-4c72b94353b5)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Drupal Security Team reports :\n\nCVE-2019-11831: By-passing protection of Phar Stream Wrapper\nInterceptor.\n\nIn order to intercept file invocations like file_exists or stat on\ncompromised Phar archives the base name has to be determined and\nchecked before allowing to be handled by PHP Phar stream handling. 
The\ncurrent implementation is vulnerable to path traversal leading to\nscenarios where the Phar archive to be assessed is not the actual\n(compromised) file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/SA-CORE-2019-007\"\n );\n # https://vuxml.freebsd.org/freebsd/9b8a52fc-89c1-11e9-9ba0-4c72b94353b5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4d97957\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"drupal7<7.67\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"drupal8<8.7.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-10-03T12:39:58", "description": "- https://www.drupal.org/project/drupal/releases/7.67\n\n - [SA-CORE-2019-007](https://www.drupal.org/SA-CORE-2019-0 07) ([CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-2 019-11831))\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-28T00:00:00", "type": "nessus", "title": "Fedora 30 : drupal7 (2019-84a50e34a9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11831"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-84A50E34A9.NASL", "href": "https://www.tenable.com/plugins/nessus/125430", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and 
package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-84a50e34a9.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125430);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-11831\");\n script_xref(name:\"FEDORA\", value:\"2019-84a50e34a9\");\n\n script_name(english:\"Fedora 30 : drupal7 (2019-84a50e34a9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"- https://www.drupal.org/project/drupal/releases/7.67\n\n -\n [SA-CORE-2019-007](https://www.drupal.org/SA-CORE-2019-0\n 07)\n ([CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-2\n 019-11831))\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-84a50e34a9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://nvd.nist.gov/vuln/detail/CVE-2019-11831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/SA-CORE-2019-007\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"drupal7-7.67-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-02T00:38:42", "description": "Two security updates have been released for PharStreamWrapper.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-06-27T00:00:00", "type": "nessus", "title": "Fedora 30 : php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2 (2019-a8121923d5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2020-01-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-brumann-polyfill-unserialize", "p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper2", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-A8121923D5.NASL", "href": "https://www.tenable.com/plugins/nessus/126265", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 
FEDORA-2019-a8121923d5.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126265);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/10\");\n\n script_cve_id(\"CVE-2019-11830\", \"CVE-2019-11831\");\n script_xref(name:\"FEDORA\", value:\"2019-a8121923d5\");\n\n script_name(english:\"Fedora 30 : php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2 (2019-a8121923d5)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two security updates have been released for PharStreamWrapper.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-a8121923d5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected php-brumann-polyfill-unserialize and / or\nphp-typo3-phar-stream-wrapper2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-brumann-polyfill-unserialize\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper2\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"php-brumann-polyfill-unserialize-1.0.3-1.fc30\")) flag++;\nif (rpm_check(release:\"FC30\", reference:\"php-typo3-phar-stream-wrapper2-2.1.2-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-02T00:42:25", "description": "- [3.1.1](https://github.com/TYPO3/phar-stream-wrapper/rel eases/tag/v3.1.1)\n\n - [TYPO3-PSA-2019-007](https://typo3.org/security/advisory /typo3-psa-2019-007/) / [CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-20 19-11831)\n\n - [TYPO3-PSA-2019-008](https://typo3.org/security/advisory /typo3-psa-2019-008/) / [CVE-2019-11830](https://nvd.nist.gov/vuln/detail/CVE-20 19-11830)\n\n - [3.1.0](https://github.com/TYPO3/phar-stream-wrapper/rel eases/tag/v3.1.0)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-17T00:00:00", "type": "nessus", "title": "Fedora 28 : php-typo3-phar-stream-wrapper (2019-4d93cf2b34)", 
"bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-4D93CF2B34.NASL", "href": "https://www.tenable.com/plugins/nessus/125231", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-4d93cf2b34.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125231);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-11830\", \"CVE-2019-11831\");\n script_xref(name:\"FEDORA\", value:\"2019-4d93cf2b34\");\n\n script_name(english:\"Fedora 28 : php-typo3-phar-stream-wrapper (2019-4d93cf2b34)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"-\n [3.1.1](https://github.com/TYPO3/phar-stream-wrapper/rel\n eases/tag/v3.1.1)\n\n -\n [TYPO3-PSA-2019-007](https://typo3.org/security/advisory\n /typo3-psa-2019-007/) /\n [CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-20\n 19-11831)\n\n -\n [TYPO3-PSA-2019-008](https://typo3.org/security/advisory\n /typo3-psa-2019-008/) /\n [CVE-2019-11830](https://nvd.nist.gov/vuln/detail/CVE-20\n 19-11830)\n\n -\n [3.1.0](https://github.com/TYPO3/phar-stream-wrapper/rel\n eases/tag/v3.1.0)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-4d93cf2b34\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://typo3.org/security/advisory/typo3-psa-2019-007/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://typo3.org/security/advisory/typo3-psa-2019-008/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-typo3-phar-stream-wrapper package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"php-typo3-phar-stream-wrapper-3.1.1-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-typo3-phar-stream-wrapper\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-02T00:42:39", "description": "- [3.1.1](https://github.com/TYPO3/phar-stream-wrapper/rel eases/tag/v3.1.1)\n\n - [TYPO3-PSA-2019-007](https://typo3.org/security/advisory /typo3-psa-2019-007/) / [CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-20 19-11831)\n\n - [TYPO3-PSA-2019-008](https://typo3.org/security/advisory /typo3-psa-2019-008/) / 
[CVE-2019-11830](https://nvd.nist.gov/vuln/detail/CVE-20 19-11830)\n\n - [3.1.0](https://github.com/TYPO3/phar-stream-wrapper/rel eases/tag/v3.1.0)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-17T00:00:00", "type": "nessus", "title": "Fedora 30 : php-typo3-phar-stream-wrapper (2019-3c89837025)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-3C89837025.NASL", "href": "https://www.tenable.com/plugins/nessus/125230", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-3c89837025.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125230);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-11830\", \"CVE-2019-11831\");\n script_xref(name:\"FEDORA\", value:\"2019-3c89837025\");\n\n script_name(english:\"Fedora 30 : php-typo3-phar-stream-wrapper (2019-3c89837025)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"-\n [3.1.1](https://github.com/TYPO3/phar-stream-wrapper/rel\n eases/tag/v3.1.1)\n\n -\n [TYPO3-PSA-2019-007](https://typo3.org/security/advisory\n /typo3-psa-2019-007/) /\n [CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-20\n 19-11831)\n\n -\n 
[TYPO3-PSA-2019-008](https://typo3.org/security/advisory\n /typo3-psa-2019-008/) /\n [CVE-2019-11830](https://nvd.nist.gov/vuln/detail/CVE-20\n 19-11830)\n\n -\n [3.1.0](https://github.com/TYPO3/phar-stream-wrapper/rel\n eases/tag/v3.1.0)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-3c89837025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://typo3.org/security/advisory/typo3-psa-2019-007/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://typo3.org/security/advisory/typo3-psa-2019-008/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-typo3-phar-stream-wrapper package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/17\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"php-typo3-phar-stream-wrapper-3.1.1-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-typo3-phar-stream-wrapper\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-02T00:38:25", "description": "Two security updates have been released for PharStreamWrapper.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-06-28T00:00:00", "type": "nessus", "title": "Fedora 29 : php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2 (2019-af7bef7165)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2020-01-09T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-brumann-polyfill-unserialize", "p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper2", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-AF7BEF7165.NASL", "href": "https://www.tenable.com/plugins/nessus/126314", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# 
extracted from Fedora Security Advisory FEDORA-2019-af7bef7165.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126314);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/09\");\n\n script_cve_id(\"CVE-2019-11830\", \"CVE-2019-11831\");\n script_xref(name:\"FEDORA\", value:\"2019-af7bef7165\");\n\n script_name(english:\"Fedora 29 : php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2 (2019-af7bef7165)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two security updates have been released for PharStreamWrapper.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-af7bef7165\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected php-brumann-polyfill-unserialize and / or\nphp-typo3-phar-stream-wrapper2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-brumann-polyfill-unserialize\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"php-brumann-polyfill-unserialize-1.0.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"php-typo3-phar-stream-wrapper2-2.1.2-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:49:40", "description": "Several security vulnerabilities have been discovered in drupal7, a PHP website platform. 
The vulnerabilities affect the embedded versions of the jQuery JavaScript library and the Typo3 Phar Stream Wrapper library.\n\nCVE-2019-11358\n\nIt was discovered that the jQuery version embedded in Drupal was prone to a cross site scripting vulnerability in jQuery.extend().\n\nFor additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2019-006.\n\nCVE-2019-11831\n\nIt was discovered that incomplete validation in a Phar processing library embedded in Drupal, a fully-featured content management framework, could result in information disclosure.\n\nFor additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2019-007.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 7.32-1+deb8u17.\n\nWe recommend that you upgrade your drupal7 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-21T00:00:00", "type": "nessus", "title": "Debian DLA-1797-1 : drupal7 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:drupal7", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1797.NASL", "href": "https://www.tenable.com/plugins/nessus/125298", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1797-1. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125298);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-11358\", \"CVE-2019-11831\");\n\n script_name(english:\"Debian DLA-1797-1 : drupal7 security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security vulnerabilities have been discovered in drupal7, a\nPHP website platform. The vulnerabilities affect the embedded\nversions of the jQuery JavaScript library and the Typo3 Phar Stream\nWrapper library.\n\nCVE-2019-11358\n\nIt was discovered that the jQuery version embedded in Drupal was prone\nto a cross site scripting vulnerability in jQuery.extend().\n\nFor additional information, please refer to the upstream\nadvisory at https://www.drupal.org/sa-core-2019-006.\n\nCVE-2019-11831\n\nIt was discovered that incomplete validation in a Phar processing\nlibrary embedded in Drupal, a fully-featured content management\nframework, could result in information disclosure.\n\nFor additional information, please refer to the upstream\nadvisory at https://www.drupal.org/sa-core-2019-007.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n7.32-1+deb8u17.\n\nWe recommend that you upgrade your drupal7 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2019-006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2019-007\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"drupal7\", reference:\"7.32-1+deb8u17\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-02T00:42:15", "description": "- [3.1.1](https://github.com/TYPO3/phar-stream-wrapper/rel eases/tag/v3.1.1)\n\n - [TYPO3-PSA-2019-007](https://typo3.org/security/advisory /typo3-psa-2019-007/) / [CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-20 19-11831)\n\n - [TYPO3-PSA-2019-008](https://typo3.org/security/advisory /typo3-psa-2019-008/) / [CVE-2019-11830](https://nvd.nist.gov/vuln/detail/CVE-20 19-11830)\n\n - [3.1.0](https://github.com/TYPO3/phar-stream-wrapper/rel eases/tag/v3.1.0)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-17T00:00:00", "type": "nessus", "title": "Fedora 29 : php-typo3-phar-stream-wrapper (2019-d5f883429d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": 
"2020-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-D5F883429D.NASL", "href": "https://www.tenable.com/plugins/nessus/125233", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-d5f883429d.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125233);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-11830\", \"CVE-2019-11831\");\n script_xref(name:\"FEDORA\", value:\"2019-d5f883429d\");\n\n script_name(english:\"Fedora 29 : php-typo3-phar-stream-wrapper (2019-d5f883429d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"-\n [3.1.1](https://github.com/TYPO3/phar-stream-wrapper/rel\n eases/tag/v3.1.1)\n\n -\n [TYPO3-PSA-2019-007](https://typo3.org/security/advisory\n /typo3-psa-2019-007/) /\n [CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-20\n 19-11831)\n\n -\n [TYPO3-PSA-2019-008](https://typo3.org/security/advisory\n /typo3-psa-2019-008/) /\n [CVE-2019-11830](https://nvd.nist.gov/vuln/detail/CVE-20\n 19-11830)\n\n -\n [3.1.0](https://github.com/TYPO3/phar-stream-wrapper/rel\n eases/tag/v3.1.0)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-d5f883429d\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://typo3.org/security/advisory/typo3-psa-2019-007/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://typo3.org/security/advisory/typo3-psa-2019-008/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-typo3-phar-stream-wrapper package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-typo3-phar-stream-wrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"php-typo3-phar-stream-wrapper-3.1.1-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-typo3-phar-stream-wrapper\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "drupal": [{"lastseen": "2021-11-26T21:46:05", "description": "This security release fixes third-party dependencies included in or required by Drupal core. 
As described in TYPO3-PSA-2019-007: By-passing protection of Phar Stream Wrapper Interceptor: In order to intercept file invocations like file_exists or stat on compromised Phar archives the base name has to be determined and checked before allowing to be handled by PHP Phar stream handling. [...] The current implementation is vulnerable to path traversal leading to scenarios where the Phar archive to be assessed is not the actual (compromised) file. The known vulnerability in Drupal core requires the \"administer themes\" permission. However, additional vulnerabilities may exist in contributed or custom modules, so site should still update even if they do not grant this permission.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-08T00:00:00", "type": "drupal", "title": "Drupal core - Moderately critical - Third-party libraries - SA-CORE-2019-007\n", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11831"], "modified": "2019-05-08T00:00:00", "id": "DRUPAL-SA-CORE-2019-007", "href": "https://www.drupal.org/sa-core-2019-007", "cvss": {"score": 7.5, "vector": 
"AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-11-28T09:26:05", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4445-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 14, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : drupal7\nCVE ID : CVE-2019-11831\n\nIt was discovered that incomplete validation in a Phar processing\nlibrary embedded in Drupal, a fully-featured content management\nframework, could result in information disclosure.\n\nFor additional information, please refer to the upstream advisory\nat https://www.drupal.org/sa-core-2019-007.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 7.52-2+deb9u9.\n\nWe recommend that you upgrade your drupal7 packages.\n\nFor the detailed security status of drupal7 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/drupal7\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-14T21:15:13", "type": "debian", "title": "[SECURITY] [DSA 4445-1] drupal7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, 
"obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11831"], "modified": "2019-05-14T21:15:13", "id": "DEBIAN:DSA-4445-1:6DBDB", "href": "https://lists.debian.org/debian-security-announce/2019/msg00089.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-25T11:41:30", "description": "Package : drupal7\nVersion : 7.32-1+deb8u17\nCVE ID : CVE-2019-11358 CVE-2019-11831\nDebian Bug : 927330 928688\n\nSeveral security vulnerabilities have been discovered in drupal7, a\nPHP web site platform. The vulnerabilities affect the embedded versions\nof the jQuery JavaScript library and the Typo3 Phar Stream Wrapper\nlibrary.\n\nCVE-2019-11358\n\n It was discovered that the jQuery version embedded in Drupal was\n prone to a cross site scripting vulnerability in jQuery.extend().\n\n For additional information, please refer to the upstream advisory\n at https://www.drupal.org/sa-core-2019-006.\n\nCVE-2019-11831\n\n It was discovered that incomplete validation in a Phar processing\n library embedded in Drupal, a fully-featured content management\n framework, could result in information disclosure.\n\n For additional information, please refer to the upstream advisory\n at https://www.drupal.org/sa-core-2019-007.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n7.32-1+deb8u17.\n\nWe recommend that you upgrade your drupal7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\n- -- \nJonas Meurer", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": 
{"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-20T14:21:50", "type": "debian", "title": "[SECURITY] [DLA 1797-1] drupal7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831"], "modified": "2019-05-20T14:21:50", "id": "DEBIAN:DLA-1797-1:1A7B8", "href": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T12:14:32", "description": "Package : drupal7\nVersion : 7.32-1+deb8u17\nCVE ID : CVE-2019-11358 CVE-2019-11831\nDebian Bug : 927330 928688\n\nSeveral security vulnerabilities have been discovered in drupal7, a\nPHP web site platform. 
The vulnerabilities affect the embedded versions\nof the jQuery JavaScript library and the Typo3 Phar Stream Wrapper\nlibrary.\n\nCVE-2019-11358\n\n It was discovered that the jQuery version embedded in Drupal was\n prone to a cross site scripting vulnerability in jQuery.extend().\n\n For additional information, please refer to the upstream advisory\n at https://www.drupal.org/sa-core-2019-006.\n\nCVE-2019-11831\n\n It was discovered that incomplete validation in a Phar processing\n library embedded in Drupal, a fully-featured content management\n framework, could result in information disclosure.\n\n For additional information, please refer to the upstream advisory\n at https://www.drupal.org/sa-core-2019-007.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n7.32-1+deb8u17.\n\nWe recommend that you upgrade your drupal7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\n- -- \nJonas Meurer", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-20T14:21:50", "type": "debian", "title": "[SECURITY] [DLA 1797-1] drupal7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": 
"2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831"], "modified": "2019-05-20T14:21:50", "id": "DEBIAN:DLA-1797-1:A2877", "href": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:32:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4445-1 (drupal7 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11831"], "modified": "2019-05-16T00:00:00", "id": "OPENVAS:1361412562310704445", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704445", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704445\");\n script_version(\"2019-05-16T02:00:09+0000\");\n script_cve_id(\"CVE-2019-11831\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-16 02:00:09 +0000 (Thu, 16 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 02:00:09 +0000 (Thu, 16 May 2019)\");\n script_name(\"Debian Security Advisory DSA 4445-1 (drupal7 - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4445.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4445-1\");\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2019-007\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the DSA-4445-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that incomplete validation in a Phar processing\nlibrary embedded in Drupal, a fully-featured content management\nframework, could result in information disclosure.\n\nFor additional information, please refer to the linked upstream advisory.\");\n\n 
script_tag(name:\"affected\", value:\"'drupal7' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), this problem has been fixed in\nversion 7.52-2+deb9u9.\n\nWe recommend that you upgrade your drupal7 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.52-2+deb9u9\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:04", "description": "Drupal is prone to a vulnerability in the 3rd party library Phar Stream Wrapper.", "cvss3": {}, "published": "2019-05-09T00:00:00", "type": "openvas", "title": "Drupal Third-party Libraries Vulnerability (SA-CORE-2019-007) (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11831"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310142386", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142386", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = 'cpe:/a:drupal:drupal';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142386\");\n script_version(\"2019-05-14T07:15:16+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 07:15:16 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-09 09:46:02 +0000 (Thu, 09 May 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_cve_id(\"CVE-2019-11831\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Drupal Third-party Libraries Vulnerability (SA-CORE-2019-007) (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"drupal_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"drupal/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Drupal is prone to a vulnerability in the 3rd party library Phar Stream Wrapper.\");\n\n script_tag(name:\"insight\", value:\"The vulnerability lies in third-party dependencies included in or required by\n Drupal core. 
As described in TYPO3-PSA-2019-007 (By-passing protection of Phar Stream Wrapper Interceptor).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Drupal 7.x, 8.6.x or earlier and 8.7.0.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.67, 8.6.16, 8.7.1 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2019-007\");\n script_xref(name:\"URL\", value:\"https://typo3.org/security/advisory/typo3-psa-2019-007/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"7.0\", test_version2: \"7.66\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.67\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0\", test_version2: \"8.6.15\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.6.16\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_is_equal(version: version, test_version: \"8.7.0\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.7.1\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:04", "description": "Drupal is prone to a vulnerability in the 3rd party library Phar Stream Wrapper.", "cvss3": {}, "published": "2019-05-09T00:00:00", "type": "openvas", "title": "Drupal Third-party Libraries Vulnerability (SA-CORE-2019-007) (Linux)", "bulletinFamily": 
"scanner", "cvss2": {}, "cvelist": ["CVE-2019-11831"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310142385", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142385", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = 'cpe:/a:drupal:drupal';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142385\");\n script_version(\"2019-05-14T07:15:16+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 07:15:16 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-09 09:30:40 +0000 (Thu, 09 May 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_cve_id(\"CVE-2019-11831\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Drupal Third-party Libraries Vulnerability (SA-CORE-2019-007) (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks 
GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"drupal_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"drupal/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Drupal is prone to a vulnerability in the 3rd party library Phar Stream Wrapper.\");\n\n script_tag(name:\"insight\", value:\"The vulnerability lies in third-party dependencies included in or required by\n Drupal core. As described in TYPO3-PSA-2019-007 (By-passing protection of Phar Stream Wrapper Interceptor).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Drupal 7.x, 8.6.x or earlier and 8.7.0.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.67, 8.6.16, 8.7.1 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2019-007\");\n script_xref(name:\"URL\", value:\"https://typo3.org/security/advisory/typo3-psa-2019-007/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"7.0\", test_version2: \"7.66\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.67\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0\", test_version2: \"8.6.15\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.6.16\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_is_equal(version: version, test_version: \"8.7.0\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.7.1\", install_path: 
path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-05T18:44:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-29T00:00:00", "type": "openvas", "title": "Fedora Update for php-typo3-phar-stream-wrapper2 FEDORA-2019-af7bef7165", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310876542", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876542", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876542\");\n script_version(\"2019-07-04T09:58:18+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11830\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:58:18 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-29 02:20:37 +0000 (Sat, 29 Jun 2019)\");\n script_name(\"Fedora Update for php-typo3-phar-stream-wrapper2 FEDORA-2019-af7bef7165\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-af7bef7165\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGQ7HPF3I2AZFPLIM7KL5MHMMV3BVEEO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-typo3-phar-stream-wrapper2'\n package(s) announced via the FEDORA-2019-af7bef7165 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Interceptors for PHP', s native phar:// stream handling (v2).\n\nAutoloader: /usr/share/php/TYPO3/PharStreamWrapper2/autoload.php\");\n\n script_tag(name:\"affected\", value:\"'php-typo3-phar-stream-wrapper2' package(s) on Fedora 29.\");\n\n 
script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php-typo3-phar-stream-wrapper2\", rpm:\"php-typo3-phar-stream-wrapper2~2.1.2~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-27T14:43:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-27T00:00:00", "type": "openvas", "title": "Fedora Update for php-typo3-phar-stream-wrapper2 FEDORA-2019-a8121923d5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-06-27T00:00:00", "id": "OPENVAS:1361412562310876536", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876536", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876536\");\n script_version(\"2019-06-27T06:30:18+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11830\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-06-27 06:30:18 +0000 (Thu, 27 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-27 02:14:06 +0000 (Thu, 27 Jun 2019)\");\n script_name(\"Fedora Update for php-typo3-phar-stream-wrapper2 FEDORA-2019-a8121923d5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-a8121923d5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KU7S55EDALFKHLWTCAZJ5QRTYSVSC6OO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-typo3-phar-stream-wrapper2'\n package(s) announced via the FEDORA-2019-a8121923d5 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Interceptors for PHP', s native phar:// stream handling (v2).\n\nAutoloader: /usr/share/php/TYPO3/PharStreamWrapper2/autoload.php\");\n\n script_tag(name:\"affected\", value:\"'php-typo3-phar-stream-wrapper2' package(s) on Fedora 30.\");\n\n 
script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php-typo3-phar-stream-wrapper2\", rpm:\"php-typo3-phar-stream-wrapper2~2.1.2~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-05T18:44:39", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-29T00:00:00", "type": "openvas", "title": "Fedora Update for php-brumann-polyfill-unserialize FEDORA-2019-af7bef7165", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310876539", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876539", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876539\");\n script_version(\"2019-07-04T09:58:18+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11830\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:58:18 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-29 02:20:29 +0000 (Sat, 29 Jun 2019)\");\n script_name(\"Fedora Update for php-brumann-polyfill-unserialize FEDORA-2019-af7bef7165\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-af7bef7165\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BQBU4MEZY25V6CH2WCY7MFBOJ46MBDZ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-brumann-polyfill-unserialize'\n package(s) announced via the FEDORA-2019-af7bef7165 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Backports unserialize options introduced in PHP 7.0 to older PHP versions. This\nwas originally designed as a Proof of Concept for Symfony Issue\n\nYou can use this package in projects that rely on PHP versions older than PHP\n7.0. 
In case you are using PHP 7.0+ the original unserialize() will be used\ninstead.\n\n can result in code being loaded and executed due to object instantiation and\n autoloading, and a malicious user may be able to exploit this. </div>\nThis warning holds true even when 'allowed_classes' is used.\");\n\n\n script_tag(name:\"affected\", value:\"'php-brumann-polyfill-unserialize' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php-brumann-polyfill-unserialize\", rpm:\"php-brumann-polyfill-unserialize~1.0.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-27T14:43:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-27T00:00:00", "type": "openvas", "title": "Fedora Update for php-brumann-polyfill-unserialize FEDORA-2019-a8121923d5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-06-27T00:00:00", "id": "OPENVAS:1361412562310876534", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876534", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU 
General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876534\");\n script_version(\"2019-06-27T06:30:18+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11830\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-06-27 06:30:18 +0000 (Thu, 27 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-27 02:14:04 +0000 (Thu, 27 Jun 2019)\");\n script_name(\"Fedora Update for php-brumann-polyfill-unserialize FEDORA-2019-a8121923d5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-a8121923d5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VYU6FAW54QNQQBBB27CGXK7D4OQXQ2IP\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-brumann-polyfill-unserialize'\n package(s) announced via the FEDORA-2019-a8121923d5 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package 
version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Backports unserialize options introduced in PHP 7.0 to older PHP versions. This\nwas originally designed as a Proof of Concept for Symfony Issue.\n\nYou can use this package in projects that rely on PHP versions older than PHP\n7.0. In case you are using PHP 7.0+ the original unserialize() will be used\ninstead.\");\n\n script_tag(name:\"affected\", value:\"'php-brumann-polyfill-unserialize' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php-brumann-polyfill-unserialize\", rpm:\"php-brumann-polyfill-unserialize~1.0.3~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for\n the ", "cvss3": {}, "published": "2019-05-19T00:00:00", "type": "openvas", "title": "Fedora Update for php-typo3-phar-stream-wrapper FEDORA-2019-d5f883429d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-05-22T00:00:00", "id": "OPENVAS:1361412562310876384", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876384", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# 
This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876384\");\n script_version(\"2019-05-22T11:13:26+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11830\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-22 11:13:26 +0000 (Wed, 22 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-19 02:10:13 +0000 (Sun, 19 May 2019)\");\n script_name(\"Fedora Update for php-typo3-phar-stream-wrapper FEDORA-2019-d5f883429d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-d5f883429d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/65ODQHDHWR74L6TCAPAQR5FQHG6MCXAW\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for\n the 'php-typo3-phar-stream-wrapper' package(s) announced via the 
FEDORA-2019-d5f883429d\n advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Interceptors for PHP', s native phar:// stream handling.\n\nAutoloader: /usr/share/php/TYPO3/PharStreamWrapper/autoload.php\");\n\n script_tag(name:\"affected\", value:\"'php-typo3-phar-stream-wrapper' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php-typo3-phar-stream-wrapper\", rpm:\"php-typo3-phar-stream-wrapper~3.1.1~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-17T00:00:00", "type": "openvas", "title": "Fedora Update for php-typo3-phar-stream-wrapper FEDORA-2019-4d93cf2b34", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310876372", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876372", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the 
terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876372\");\n script_version(\"2019-05-17T10:04:07+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11830\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:04:07 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-17 02:12:21 +0000 (Fri, 17 May 2019)\");\n script_name(\"Fedora Update for php-typo3-phar-stream-wrapper FEDORA-2019-4d93cf2b34\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-4d93cf2b34\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUEXS4HRI4XZ2DTZMWAVQBYBTFSJ34AR\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-typo3-phar-stream-wrapper'\n package(s) announced via the FEDORA-2019-4d93cf2b34 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable 
package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Interceptors for PHP', s native phar:// stream handling.\n\nAutoloader: /usr/share/php/TYPO3/PharStreamWrapper/autoload.php\");\n\n script_tag(name:\"affected\", value:\"'php-typo3-phar-stream-wrapper' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php-typo3-phar-stream-wrapper\", rpm:\"php-typo3-phar-stream-wrapper~3.1.1~1.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:24:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-21T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for drupal7 (DLA-1797-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891797", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891797", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, 
or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891797\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-11358\", \"CVE-2019-11831\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-21 02:00:26 +0000 (Tue, 21 May 2019)\");\n script_name(\"Debian LTS: Security Advisory for drupal7 (DLA-1797-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1797-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/927330\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/928688\");\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2019-006\");\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2019-007\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) 
announced via the DLA-1797-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several security vulnerabilities have been discovered in drupal7, a\nPHP web site platform. The vulnerabilities affect the embedded versions\nof the jQuery JavaScript library and the Typo3 Phar Stream Wrapper\nlibrary.\n\nCVE-2019-11358\n\nIt was discovered that the jQuery version embedded in Drupal was\nprone to a cross site scripting vulnerability in jQuery.extend().\n\nCVE-2019-11831\n\nIt was discovered that incomplete validation in a Phar processing\nlibrary embedded in Drupal, a fully-featured content management\nframework, could result in information disclosure.\n\nFor additional information, please see the referenced upstream advisories.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n7.32-1+deb8u17.\n\nWe recommend that you upgrade your drupal7 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.32-1+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-05T01:40:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-26T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-84a50e34a9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831"], "modified": "2019-05-31T00:00:00", 
"id": "OPENVAS:1361412562310876414", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876414", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876414\");\n script_version(\"2019-05-31T13:18:49+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11358\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-31 13:18:49 +0000 (Fri, 31 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-26 02:12:13 +0000 (Sun, 26 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-84a50e34a9\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-84a50e34a9\");\n 
script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QDJVUJPUW3RZ4746SC6BX4F4T6ZXNBH\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2019-84a50e34a9 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.67~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-14T14:48:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-08T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-5f1a2cc839", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877098", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310877098", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877098\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11358\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-08 11:19:26 +0000 (Wed, 08 Jan 2020)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-5f1a2cc839\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-5f1a2cc839\");\n script_xref(name:\"URL\", 
value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAZT2BR7AU4WD63STKMHL5PJRTH3ZFZ7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2019-5f1a2cc839 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.69~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-17T00:00:00", "type": "openvas", "title": "Fedora Update for php-typo3-phar-stream-wrapper FEDORA-2019-3c89837025", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310876370", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310876370", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876370\");\n script_version(\"2019-05-17T10:04:07+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11830\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:04:07 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-17 02:12:16 +0000 (Fri, 17 May 2019)\");\n script_name(\"Fedora Update for php-typo3-phar-stream-wrapper FEDORA-2019-3c89837025\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c89837025\");\n script_xref(name:\"URL\", 
value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6JX7WR6DPMKCZQP7EYFACYXSGJ3K523\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-typo3-phar-stream-wrapper'\n package(s) announced via the FEDORA-2019-3c89837025 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Interceptors for PHP', s native phar:// stream handling.\n\nAutoloader: /usr/share/php/TYPO3/PharStreamWrapper/autoload.php\");\n\n script_tag(name:\"affected\", value:\"'php-typo3-phar-stream-wrapper' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php-typo3-phar-stream-wrapper\", rpm:\"php-typo3-phar-stream-wrapper~3.1.1~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-05T01:40:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-26T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-040857fd75", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831", "CVE-2012-2922"], "modified": "2019-05-31T00:00:00", "id": "OPENVAS:1361412562310876410", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876410", "sourceData": "# Copyright (C) 2019 
Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876410\");\n script_version(\"2019-05-31T13:18:49+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11358\", \"CVE-2012-2922\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-31 13:18:49 +0000 (Fri, 31 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-26 02:12:06 +0000 (Sun, 26 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-040857fd75\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-040857fd75\");\n script_xref(name:\"URL\", 
value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2019-040857fd75 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.67~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-05T01:40:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-26T00:00:00", "type": "openvas", "title": "Fedora Update for drupal7 FEDORA-2019-41d6ffd6f0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2018-7602", "CVE-2019-11831", "CVE-2012-2922"], "modified": "2019-05-31T00:00:00", "id": "OPENVAS:1361412562310876417", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310876417", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876417\");\n script_version(\"2019-05-31T13:18:49+0000\");\n script_cve_id(\"CVE-2019-11831\", \"CVE-2019-11358\", \"CVE-2012-2922\", \"CVE-2018-7602\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-31 13:18:49 +0000 (Fri, 31 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-26 02:12:18 +0000 (Sun, 26 May 2019)\");\n script_name(\"Fedora Update for drupal7 FEDORA-2019-41d6ffd6f0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-41d6ffd6f0\");\n 
script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2019-41d6ffd6f0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.67~1.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-26T21:32:02", "description": "The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1\nand 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which\nallows attackers to bypass a deserialization protection mechanism, as\ndemonstrated by a phar:///path/bad.phar/../good.phar URL.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": 
"HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-09T00:00:00", "type": "ubuntucve", "title": "CVE-2019-11831", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11831"], "modified": "2019-05-09T00:00:00", "id": "UB:CVE-2019-11831", "href": "https://ubuntu.com/security/CVE-2019-11831", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "github": [{"lastseen": "2022-04-15T14:32:19", "description": "The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-30T17:10:14", "type": "github", "title": "Directory Traversal in 
typo3/phar-stream-wrapper", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11831"], "modified": "2021-09-30T17:10:14", "id": "GHSA-XV7V-RF6G-XWRC", "href": "https://github.com/advisories/GHSA-xv7v-rf6g-xwrc", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T19:29:00", "description": "The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-09T04:29:00", "type": "cve", "title": "CVE-2019-11831", "cwe": ["CWE-502", "CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": 
"AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11831"], "modified": "2021-10-01T15:31:00", "cpe": ["cpe:/o:fedoraproject:fedora:29", "cpe:/a:joomla:joomla\\!:3.9.5", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:fedoraproject:fedora:28", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:30"], "id": "CVE-2019-11831", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11831", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:a:joomla:joomla\\!:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nDrupal Security Team reports:\n\nCVE-2019-11831: By-passing protection of Phar Stream Wrapper Interceptor.\nIn order to intercept file invocations like file_exists or stat on compromised Phar archives\n\t the base name has to be determined and checked before allowing to be handled by PHP\n\t Phar stream handling.\n\t The current implementation is vulnerable to path traversal leading to scenarios where the\n\t Phar archive to be assessed is not the actual (compromised) file.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-08T00:00:00", "type": "freebsd", "title": "drupal -- Drupal core - 
Moderately critical", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11831"], "modified": "2019-05-08T00:00:00", "id": "9B8A52FC-89C1-11E9-9BA0-4C72B94353B5", "href": "https://vuxml.freebsd.org/freebsd/9b8a52fc-89c1-11e9-9ba0-4c72b94353b5.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-05-11T21:39:04", "description": "The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-30T17:10:14", "type": "osv", "title": "Directory Traversal in typo3/phar-stream-wrapper", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": 
"PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11831"], "modified": "2021-09-30T16:49:05", "id": "OSV:GHSA-XV7V-RF6G-XWRC", "href": "https://osv.dev/vulnerability/GHSA-xv7v-rf6g-xwrc", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "typo3": [{"lastseen": "2021-11-27T01:24:56", "description": "Insecure deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application. In July 2018, the vulnerability of insecure deserialization when executing Phar archives was addressed by removing the known attack vector in the TYPO3 core. For more details read the [corresponding TYPO3 advisory](<https://typo3.org/security/advisory/typo3-core-sa-2018-002/>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-08T00:00:00", "type": "typo3", "title": "By-passing protection of Phar Stream Wrapper Interceptor", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2019-11831"], "modified": "2019-05-08T00:00:00", "id": "TYPO3-PSA-2019-007", "href": "https://typo3.org/security/advisory/typo3-psa-2019-007", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2021-12-14T17:47:52", "description": "The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-09T04:29:00", "type": "debiancve", "title": "CVE-2019-11831", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11831"], "modified": "2019-05-09T04:29:00", "id": "DEBIANCVE:CVE-2019-11831", "href": "https://security-tracker.debian.org/tracker/CVE-2019-11831", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2022-05-21T01:16:29", "description": "The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 
does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-20T23:21:40", "type": "redhatcve", "title": "CVE-2019-11831", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11831"], "modified": "2022-05-20T23:21:40", "id": "RH:CVE-2019-11831", "href": "https://access.redhat.com/security/cve/cve-2019-11831", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "Backports unserialize options introduced in PHP 7.0 to older PHP versions. This was originally designed as a Proof of Concept for Symfony Issue [#21090](https://github.com/symfony/symfony/pull/21090). You can use this package in projects that rely on PHP versions older than P HP 7.0. In case you are using PHP 7.0+ the original unserialize() will be used instead. 
>From the [documentation](https://secure.php.net/manual/en/function.unserialize.php): > Warning: Do not pass untrusted user input to unserialize(). Unserializati on > can result in code being loaded and executed due to object instantiation and > autoloading, and a malicious user may be able to exploit this. This warning holds true even when `allowed_classes` is used. Autoloader: /usr/share/php/Brumann/Polyfill/autoload.php ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-06-27T00:55:35", "type": "fedora", "title": "[SECURITY] Fedora 30 Update:\n php-brumann-polyfill-unserialize-1.0.3-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-06-27T00:55:35", "id": "FEDORA:1BFFA62DE62F", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Interceptors for PHP's native phar:// stream handling. 
Autoloader: /usr/share/php/TYPO3/PharStreamWrapper/autoload.php ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-17T01:08:10", "type": "fedora", "title": "[SECURITY] Fedora 30 Update:\n php-typo3-phar-stream-wrapper-3.1.1-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-05-17T01:08:10", "id": "FEDORA:D51DE60C7BDF", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Interceptors for PHP's native phar:// stream handling. 
Autoloader: /usr/share/php/TYPO3/PharStreamWrapper/autoload.php ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-17T01:18:50", "type": "fedora", "title": "[SECURITY] Fedora 28 Update:\n php-typo3-phar-stream-wrapper-3.1.1-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-05-17T01:18:50", "id": "FEDORA:4A9F5608EB90", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Interceptors for PHP's native phar:// stream handling. 
Autoloader: /usr/share/php/TYPO3/PharStreamWrapper/autoload.php ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-17T03:17:54", "type": "fedora", "title": "[SECURITY] Fedora 29 Update:\n php-typo3-phar-stream-wrapper-3.1.1-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-05-17T03:17:54", "id": "FEDORA:EAFB5608C00A", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Interceptors for PHP's native phar:// stream handling (v2). 
Autoloader: /usr/share/php/TYPO3/PharStreamWrapper2/autoload.php ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-06-27T00:55:35", "type": "fedora", "title": "[SECURITY] Fedora 30 Update:\n php-typo3-phar-stream-wrapper2-2.1.2-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-06-27T00:55:35", "id": "FEDORA:6876462D6E28", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Backports unserialize options introduced in PHP 7.0 to older PHP versions. This was originally designed as a Proof of Concept for Symfony Issue [#21090](https://github.com/symfony/symfony/pull/21090). You can use this package in projects that rely on PHP versions older than P HP 7.0. In case you are using PHP 7.0+ the original unserialize() will be used instead. >From the [documentation](https://secure.php.net/manual/en/function.unserialize.php): > Warning: Do not pass untrusted user input to unserialize(). 
Unserializati on > can result in code being loaded and executed due to object instantiation and > autoloading, and a malicious user may be able to exploit this. This warning holds true even when `allowed_classes` is used. Autoloader: /usr/share/php/Brumann/Polyfill/autoload.php ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-06-28T05:21:23", "type": "fedora", "title": "[SECURITY] Fedora 29 Update:\n php-brumann-polyfill-unserialize-1.0.3-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-06-28T05:21:23", "id": "FEDORA:C78C4614ACDE", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Interceptors for PHP's native phar:// stream handling (v2). 
Autoloader: /usr/share/php/TYPO3/PharStreamWrapper2/autoload.php ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-06-28T05:21:24", "type": "fedora", "title": "[SECURITY] Fedora 29 Update:\n php-typo3-phar-stream-wrapper2-2.1.2-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11830", "CVE-2019-11831"], "modified": "2019-06-28T05:21:24", "id": "FEDORA:60574617A8E7", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-27T10:47:49", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-04T22:16:18", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: drupal7-7.69-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831"], "modified": "2020-01-04T22:16:18", "id": "FEDORA:438D16045644", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-27T10:47:49", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-25T01:06:23", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: drupal7-7.67-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2019-11831"], "modified": "2019-05-25T01:06:23", "id": "FEDORA:10ED96049C48", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-27T10:47:49", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-25T03:36:33", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: drupal7-7.67-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2019-11358", "CVE-2019-11831"], "modified": "2019-05-25T03:36:33", "id": "FEDORA:2B920607600F", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-25T01:11:40", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: drupal7-7.67-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2922", "CVE-2018-7602", "CVE-2019-11358", "CVE-2019-11831"], "modified": "2019-05-25T01:11:40", "id": "FEDORA:0E6FD60E1861", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}